A large-scale global cyber attack could cost Australia more than five times a severe natural disaster, a new report has found.
The report, co-written by insurance market Lloyd’s of London and risk-modelling firm Cyence, investigated a range of potential scenarios in an attempt to quantify the threat that cyber attacks pose, and the existing insurance gap.
It found that a cyber attack could cost an average of $US53.1 billion ($67.1 billion), more than five times the estimated cost of the devastating Queensland floods in 2011, and significantly more than the 2009 Black Saturday bushfires in Victoria, and the 1989 Newcastle Earthquake.
The main two potential scenarios the report investigated were a cloud service provider hack and a mass vulnerability hack.
It found that a cloud service disruption could see losses range from $US4.6 billion for a “large event” to as much as $US121 billion. The software vulnerability situation could see losses as high as $US28.7 billion for an “extreme event”.
The report also found an existing insurance gap could be in the range of $US45 billion, leaving businesses and government highly vulnerable to damaging cyber attacks.
“This report gives a real sense of the scale of damage a cyberattack could cause the global economy,” Lloyd’s CEO Inga Beale said.
“Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs.”
The report comes after two significant worldwide ransomware attacks this year which brought hospitals in the UK to a standstill and hit nearly 100 countries.
Lloyd’s general representative in Australia Chris Mackinnon said businesses in particular have to be vigilant against cyber threats.
“Businesses today are interconnected by digital technology and services, meaning a single cyber event can cause a severe impact across an economy,” Mackinnon said.
“An attack of that magnitude could create losses bigger than some of Australia’s worst natural disasters combined.”
The Australian government has recently placed a specific emphasis on cybersecurity. Most recently a new cyber division was created within the Australian Defence Forces, with the federal government directing the ASD to use its “offensive cyber capabilities to disrupt, degrade, deny and deter offshore cyber criminals”. This will see 800 new cybersecurity roles created.
Minister Assisting the Prime Minister for Counter Terrorism, Michael Keenan, delivered a speech this week at the International Conference on Cyber Crime and Computer Forensics on the Gold Coast, reaffirming the government’s commitment to cybersecurity.
“Australia is one of the most connected countries in the world -- which also makes us vulnerable to malicious cyber activity in all its forms,” Keenan said in the speech.
“This government has recognised that the threat of malicious cyber activity is serious and growing. We have taken a leading multifaceted approach to ensure the safety and security of all Australians online.
“We are supporting small business to develop their cyber capabilities, we are boosting collaboration with industry domestically and globally, we are securing critical infrastructure, and importantly we are building cyber resilience.”
